b'DOE/IG-0472\n\n\n\n\nINSPECTION                           INSPECTION OF\n  REPORT                      SURPLUS COMPUTER EQUIPMENT\n                                  MANAGEMENT AT THE\n                                  SAVANNAH RIVER SITE\n\n\n\n\n                                       JUNE 2000\n\n\n\n\n U.S. DEPARTMENT OF ENERGY\nOFFICE OF INSPECTOR GENERAL\n    OFFICE OF INSPECTIONS\n\x0c                             U.S. DEPARTMENT OF ENERGY\n                                   Washington, DC 20585\n\n                                          June 1, 2000\n\n\n\nMEMORANDUM FOR THE SECRETARY\n\nFROM:          Gregory H. Friedman (signed)\n               Inspector General\n\nSUBJECT:       INFORMATION: Report on \xe2\x80\x9cInspection of Surplus Computer Equipment\n               Management at the Savannah River Site\xe2\x80\x9d\n\nBACKGROUND\n\nBy letter dated November 1, 1999, Senator Strom Thurmond advised the Office of Inspector\nGeneral of an allegation that computer equipment containing over 40 computer hard drives\nreportedly containing classified or sensitive information were surplused and sold by the\nDepartment\xe2\x80\x99s Savannah River Site (SRS). The letter raised the concern that the release of this\ninformation might pose a threat to the national security of the United States. The management\nand operating contractor at SRS, Westinghouse Savannah River Company (Westinghouse), is\nresponsible for the final disposal of surplus equipment, including computer hard drives.\n\nThe purpose of our inspection was to review the allegation concerning the sale of surplus\ncomputer equipment. The objectives of our inspection were to determine whether: (1) surplus\ncomputer equipment was disposed of in accordance with Federal and Department requirements,\nand (2) Government-owned computer equipment at SRS was properly cleared of sensitive\ninformation prior to disposal.\n\nRESULTS OF INSPECTION\n\nThe inspection disclosed that Westinghouse failed to comply with Department and SRS\nrequirements for disposal of surplus computer equipment. Specifically, despite Departmental\nrequirements, Westinghouse had not cleared stored information from all surplus computers nor\ndid it certify that the computers were sanitized prior to disposal.\n\nPrior to our inspection, Westinghouse initiated a \xe2\x80\x9cpreliminary inquiry\xe2\x80\x9d when an employee of an\noff-site buyer of computer equipment reported discovering a floppy disk labeled \xe2\x80\x9cSecret-\nRestricted Data\xe2\x80\x9d (Secret) among equipment purchased from SRS. Westinghouse reviewed a\nsample of 23 hard drives and 17 floppy disks found in surplused computer equipment off-site,\nand found that \xe2\x80\x9cvery few of the drives [in the sample] had been cleared.\xe2\x80\x9d SRS officials later\ndetermined the secret disk did not contain classified information. However, some of the hard\ndrives and floppy disks sampled did contain Unclassified Controlled Nuclear Information\n(UCNI) and other sensitive unclassified information. The release of UCNI appears to have\nviolated section 148 of the Atomic Energy Act. Further, computer equipment containing UCNI\nis considered high risk personal property the disposal of which is subject to specific Department\nof Energy requirements.\n\x0c                                               2\n\n\nWe learned that the disk marked secret, as well as hard drives and floppy disks containing UCNI,\nwere among two trailer loads of computer equipment being processed for a September 1999\nshipment to the People\xe2\x80\x99s Republic of China (PRC). This computer equipment was reacquired\nand destroyed. However, the inspection disclosed that other SRS computer equipment had been\nshipped to the PRC in the July 1999 timeframe. The shipper told us that he believed the\nshipment did not contain hard drives. But, he acknowledged that no inventory records of the\nshipment were kept. Thus, we had no way to determine the exact content of this shipment. We\nnoted that over 16,000 computers and computer related items were sold publicly by SRS during\nFiscal Years 1998 and 1999.\n\nFollowing the off-site discovery of computer equipment containing sensitive unclassified\ninformation and UCNI, Westinghouse decided that all future surplus computers and related\nequipment would be destroyed to prevent the release of sensitive information. We concluded\nthat the blanket destruction of all surplus computers and related equipment is not required by\nDepartment of Energy property disposal regulations. Savannah River management commented\nthat Westinghouse has now reversed the policy of destroying all surplus computer equipment.\n\nOur report made several recommendations to the Manager of the Savannah River Operations\nOffice that addressed weaknesses in the SRS property management program. Based on recurring\nproblems with the disposal of high risk personal property, we recommended that the Director,\nOffice of Procurement and Assistance Management, require a review of high risk property\nmanagement systems Department-wide. We also recommended that the Director, Office of\nSecurity and Emergency Operations, determine whether any security vulnerabilities resulted\nfrom the release of UCNI and security/privacy information.\n\nManagement concurred with the recommendations in our report and agreed to take corrective\nactions.\n\ncc:   Deputy Secretary\n      Under Secretary\n      Acting Under Secretary for Nuclear Security/Administrator for Nuclear Security\n\x0cINSPECTION OF SURPLUS COMPUTER EQUIPMENT\nMANAGEMENT AT THE SAVANNAH RIVER SITE\nTABLE OF      Overview\nCONTENTS\n              Introduction and Objective \xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6... 1\n\n              Observations and Conclusions \xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6... 1\n\n              Details of Findings\n\n              Requirements for Sanitizing/Clearing\n               Computer Equipment \xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6. 5\n\n              Process for Sanitizing/Clearing\n               Classified Computer Equipment \xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6..          5\n\n              Process for Sanitizing/Clearing\n               Unclassified Computer Equipment \xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6..         5\n\n              SRS Property Sales \xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6.                 6\n\n              Security System Data Sold \xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6.             6\n\n              Computer Equipment Returned to Westinghouse \xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6..    8\n\n              Weaknesses in Sanitizing/Clearing\n               Computer Equipment \xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6                  8\n\n              Shipment of Computer Equipment to the\n               People\xe2\x80\x99s Republic of China \xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6.            10\n\n              High Risk Disposal Requirements \xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6           10\n\n              Shredding of Computer Equipment \xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6..          11\n\n              Personal Property Disposal Considerations \xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6...   12\n\n              Recommendations \xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6...                   13\n\n              Management Comments \xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6.\xe2\x80\xa6                   14\n\n              Inspector Comments \xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6...                 16\n\n              Appendices\n\n              A. Scope and Methodology \xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6..              18\n\n              B. Summary of Preliminary Inquiry Report \xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6      19\n\n              C. Selected OIG Personal Property Reports \xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6\xe2\x80\xa6.     21\n\x0cOverview\nINTRODUCTION                          On November 1, 1999, the Office of Inspector General (OIG)\nAND OBJECTIVE                         received information from Senator Strom Thurmond concerning an\n                                      allegation regarding the sale of surplus computer equipment at the\n                                      Savannah River Site (SRS). In summary, it was alleged that SRS\n                                      surplused and sent off-site over 40 computer hard drives that\n                                      reportedly contained classified or sensitive information; and that\n                                      the release of this information might pose a threat to the national\n                                      security of the United States. The Department\xe2\x80\x99s major operating\n                                      contractor at SRS, Westinghouse Savannah River Company\n                                      (Westinghouse), is responsible for the final disposal of surplus\n                                      equipment, including computer hard drives.\n\n                                      The OIG initiated an inspection to determine whether: (1) surplus\n                                      computer equipment is disposed of in accordance with Federal and\n                                      Departmental requirements, and (2) Government-owned computer\n                                      equipment at SRS is properly cleared of sensitive information\n                                      before it is excessed to the public.\n\nOBSERVATIONS AND                      In reviewing the process to surplus and dispose of computer\nCONCLUSIONS                           equipment at SRS, the OIG found that Westinghouse failed to\n                                      comply with Departmental and site property management\n                                      requirements by not properly preparing surplus computer\n                                      equipment for disposal. Specifically, Westinghouse did not clear\n                                      stored information from all surplus computers and certify that the\n                                      computers were sanitized prior to disposal as required by Section\n                                      109-43.307-53, title 41, Code of Federal Regulations (CFR).\n\n                                      Prior to the OIG inspection of the sale of surplus computer\n                                      equipment at SRS, Westinghouse\xe2\x80\x99s Computer and Information\n                                      Security Section conducted a \xe2\x80\x9cpreliminary inquiry\xe2\x80\x9d by sampling 23\n                                      hard drives and 17 floppy disks taken from computer equipment\n                                      that had been sold as excess/surplus to a private business. The\n                                      November 1999 Westinghouse security report (see Summary of\n                                      Report, Appendix B) found that \xe2\x80\x9cvery few of the drives [in the\n                                      sample] had been cleared.\xe2\x80\x9d In addition, some of the hard drives\n                                      contained Unclassified Controlled Nuclear Information (UCNI) 1\n                                      and other sensitive unclassified information.\n\n                                      By selling computer equipment containing UCNI, Westinghouse\n                                      appears to have violated Section 148 of the Atomic Energy Act of\n\n1\n    Unclassified Controlled Nuclear Information - Certain unclassified government information prohibited from\n    unauthorized dissemination under Section 148 of the Atomic Energy Act of 1954, as amended \xe2\x80\x9cwhose\n    unauthorized dissemination, as determined by a Controlling Official, could reasonably be expected to have a\n    significant adverse effect on the health and safety of the public or the common defense and security . . . .\xe2\x80\x9d (10\n    CFR Section 1017.3)\n\n\nPage 1                                                       Inspection of Surplus Computer Equipment\n                                                             Management at the Savannah River Site\n\x0c                                     1954. This matter has been referred to the appropriate\n                                     investigative officials. Westinghouse also violated the\n                                     Department\xe2\x80\x99s requirements for disposing of high risk personal\n                                     property. 2 Westinghouse\xe2\x80\x99s Computer and Information Security\n                                     Section initiated its inquiry when an employee of an off-site buyer,\n                                     Allied Fabricators and Constructors, Incorporated (Allied),\n                                     reported discovering a floppy disk labeled \xe2\x80\x9cSecret-Restricted\n                                     Data\xe2\x80\x9d (Secret) among computer equipment purchased from SRS.\n                                     SRS officials later determined this floppy disk did not contain any\n                                     classified information. The owner of Allied provided the OIG a\n                                     copy of a shipping notice that indicated that the floppy disk was\n                                     among two trailer loads of computer equipment being processed\n                                     and loaded for a September 1999 shipment to the People\xe2\x80\x99s\n                                     Republic of China (PRC). Westinghouse\xe2\x80\x99s preliminary inquiry\n                                     determined that some of this computer equipment contained\n                                     sensitive unclassified and UCNI information. Computer\n                                     equipment used for UCNI is considered high risk property, and its\n                                     off-site release was contrary to DOE property management\n                                     requirements. Based on this discovery, Westinghouse repurchased\n                                     all of the computer equipment from Allied and ordered the\n                                     equipment destroyed. As a result of the decision to destroy this\n                                     equipment without further examination, no one can be sure exactly\n                                     what information existed on the unexamined computer equipment.\n                                     Also, due to the internal control weaknesses, no one can be sure\n                                     exactly what information may have been on other computer\n                                     equipment sold directly to other private individuals and companies.\n\n                                     Although the computer equipment pending shipment to the PRC in\n                                     September 1999 was eventually destroyed, the owner of Allied told\n                                     us that, around July 1999, other SRS computer equipment was\n                                     shipped to the PRC. Although he believed the shipment did not\n                                     contain hard drives, the owner of Allied told us that no records\n                                     were kept of the earlier PRC shipment. Therefore, the OIG had no\n                                     way to determine the volume or the exact content. We noted that\n                                     over 16,000 computers and computer related items were sold\n                                     publicly by SRS during Fiscal Years 1998 and 1999. Also, there\n                                     are approximately 147 classified computer systems in use at SRS.\n\n                                     Following the off-site discovery of computer equipment containing\n                                     sensitive unclassified and UCNI information, Westinghouse\n\n2\n    High risk personal property \xe2\x80\x93 Property that, because of its potential impact on public health and safety, the\n    environment, national security interests, or proliferation concerns, must be controlled, and disposed of in other\n    than the routine manner. The categories of high risk property are automated data processing equipment,\n    especially designed or prepared property, export controlled information or property, hazardous property, nuclear\n    weapon components or weapon-like components, proliferation sensitive property, radioactive property, special\n    nuclear material, and unclassified controlled nuclear information. (41 CFR Section 109-1.100-51)\n\n\nPage 2                                                                      Observations and Conclusions\n\x0c         decided that all future surplus computers and related equipment\n         would be destroyed to prevent the release of sensitive information.\n         We concluded that the blanket destruction of all surplus computers\n         and related equipment is not required by DOE property disposal\n         regulations.\n\n         On November 2, 1999, the DOE/Savannah River Operations\n         Office (SRO) Organizational Property Management Officer who\n         had been delegated authority to approve changes to the\n         Contractor\xe2\x80\x99s Property Management System, approved a\n         Westinghouse plan to shred all surplus Government-owned\n         computer equipment. The method of destruction chosen was\n         shredding in a device commonly used to shred \xe2\x80\x9cjunk\xe2\x80\x9d automobiles.\n         At the time of our inspection, Westinghouse had begun shredding\n         all surplus computers and computer equipment, including hard\n         drives. SRS storage warehouses contain over 2,100 surplus\n         personal computer systems (monitor, central processing unit,\n         keyboard, and mouse) which had been individually boxed and\n         stacked in April and July 1999 and were awaiting destruction.\n         Although these systems were considered \xe2\x80\x9cold\xe2\x80\x9d technology (IBM\n         386 or 486 processors and Apple Macintosh II systems), we were\n         told that each system had been determined by site computer\n         personnel to be operational.\n\n         The proper disposal by DOE and its contractors of excess personal\n         property, including surplus computer equipment, has been a\n         concern addressed previously by the OIG and the General\n         Accounting Office (GAO). The OIG has issued a number of\n         reports on property disposal weaknesses within the Department.\n         These reports are identified in Appendix C. In June 1995, GAO\n         issued a report entitled \xe2\x80\x9cDepartment of Energy \xe2\x80\x93 Procedures\n         Lacking to Protect Computerized Data,\xe2\x80\x9d Report Number\n         GAO/AIMD-95-118. As a result of the GAO report, Department\n         officials developed and issued policies and procedures governing\n         management and control of automated data processing equipment\n         (ADPE). For the purposes of this report, we will refer to ADPE as\n         computer equipment. The policies and procedures included\n         controls for establishing high risk personal property improvements\n         for managing export controlled property, and increased\n         requirements for proper disposal of computer equipment.\n\n         Our inspection of the sale of surplus computer equipment at the\n         SRS identified weaknesses in the Department\xe2\x80\x99s administration of\n         property management programs. As part of its implementation of\n         the Government Performance and Results Act of 1993 (GPRA),\n         the Department has established program goals, and measures\n\n\n\nPage 3                                   Observations and Conclusions\n\x0c         performance against these goals. Consequently, SRO established\n         the Savannah River Site Strategic Plan. The plan defines strategic\n         goals, key success measures, objectives and strategies in the\n         business lines of National Security, Nonproliferation,\n         Environmental Quality, and Science and Technology. This\n         inspection has documented methods to assist the Department in\n         meeting its goals and improving the efficiency of Federally funded\n         programs.\n\n\n\n\nPage 4                                  Observations and Conclusions\n\x0cDetails of Findings\nRequirements for                     The Department of Energy Property Management Regulations at\nSanitizing/Clearing                  41 CFR 109-43.307-53, require that DOE automated data\nComputer Equipment                   processing equipment be sanitized before being excessed to ensure\n                                     that all data, information, and software has been removed. The\n                                     regulations further require that designated computer support\n                                     personnel certify that the equipment has been sanitized by\n                                     attaching a tag to the item.\n\n                                     Reasons for proper implementation of the above property\n                                     management regulations include, among other things, protecting\n                                     information such as classified Restricted Data and UCNI from\n                                     unauthorized dissemination. The unauthorized dissemination of\n                                     both classified Restricted Data and UCNI is prohibited by the\n                                     Atomic Energy Act of 1954, as amended. The DOE implementing\n                                     regulations for protecting UCNI, at 10 CFR Section 1017.3,\n                                     include in the definition of \xe2\x80\x9cunauthorized dissemination\xe2\x80\x9d the\n                                     intentional or negligent transfer, in any manner, by any person, of\n                                     UCNI information or material to any unauthorized person.\n\nProcess for                          The process for ensuring that all classified information is properly\nSanitizing/Clearing                  cleared before classified computer systems are released to anyone\nClassified Computer                  outside of SRS is similar to the process explained below for\nEquipment                            unclassified computer systems. The notable exception is that\n                                     Westinghouse procedures require classified storage media (i.e.,\n                                     hard drives, floppy disks, etc.) to be sanitized by overwriting,\n                                     degaussing3 or destroying. Specific procedures govern the\n                                     application of each of these methods and when they are used.\n                                     Additionally, the procedures require all markings identifying the\n                                     former use of the system to be removed before the system is turned\n                                     over to property management officials for disposal. Theoretically,\n                                     this procedure should prevent classified media from ever reaching\n                                     the property management officials who arrange for excess property\n                                     sales and donations.\n\nProcess for                          Westinghouse computer security procedures assign responsibility\nSanitizing/Clearing                  to the Computer System Security Officer (CSSO) for ensuring that\nUnclassified Computer                all unclassified information, to include sensitive unclassified and\nEquipment                            UCNI, is properly cleared before a computer system is released to\n                                     anyone outside SRS. Different organizations within Westinghouse\n                                     have different CSSOs. Westinghouse computer users are also\n                                     assigned similar responsibilities for ensuring that all unclassified\n                                     magnetic media assigned to them are cleared before release.\n\n\n\n3\n    Degaussing is a process whereby the magnetic field is removed or neutralized.\n\n\n\nPage 5                                                                              Details of Findings\n\x0cSRS Property Sales                   Westinghouse had established a sales agreement/contract with\n                                     Allied from August 1, 1998, through July 31, 1999, for purchasing\n                                     and removal of excess computers and accessories from SRS at a\n                                     rate of about 10\xc2\xa2 per pound. XS Computers 4 was responsible for\n                                     receiving, managing and storing computer equipment for Allied.\n                                     Additionally, the General Services Administration auctioned some\n                                     of SRS\xe2\x80\x99s computer equipment to the public during this time.\n\nSecurity System                      During Westinghouse\xe2\x80\x99s preliminary inquiry, it was determined that\nData Sold                            five of the 23 sampled hard drives contained UCNI files that are\n                                     restricted from release under the Atomic Energy Act of 1954. For\n                                     example, two memory disk drives examined after being sold to and\n                                     then recovered from Allied still contained data from the SRS\n                                     Electronic Safeguards and Security System, also know as the E3S\n                                     VAX5 security system. These E3S security system memory disk\n                                     drives were two of 32 memory disk drives disposed of by\n                                     Westinghouse along with an E3S VAX computer in approximately\n                                     mid-1999. According to a Westinghouse Safeguards and Security\n                                     official, the E3S system serves as an umbrella for other software\n                                     modules, covering all automated physical security for the site\n                                     including alarm systems, intruder detectors, vault rooms, access\n                                     control, security badge information, and closed circuit televisions.\n                                     E3S information is considered UCNI.\n\n                                     According to a Westinghouse Safeguards and Security Engineering\n                                     official, the E3S memory disk drives that were disposed of served\n                                     as storage devices similar in operation to the 3\xc2\xbd inch disks utilized\n                                     by most personal computers. The memory disk drives are\n                                     physically much larger than a floppy disk, and had a storage\n                                     capacity of approximately 300 megabytes. According to the\n                                     engineering official, the memory disk drives stored executable\n                                     files, maps and database tables, and archived historic information.\n                                     These memory disk drives had been located within the SRS\n                                     Central Alarm Station and were connected to the E3S Local Area\n                                     Network and Wide Area Network.\n\n                                     During our inspection, Westinghouse was unable to locate the\n                                     other 30 E3S memory disk drives that had been excessed. In the\n                                     conclusions of its November 1999 preliminary inquiry,\n                                     Westinghouse\xe2\x80\x99s Computer and Information Security Section\n\n4\n    XS Computers is a subsidiary of Allied Fabricators.\n5\n    VAX computers are 32-bit supermicrosystems manufactured by Digital Equipment company and are designed to\n    support a high-performance, multi-programming environment. Multi-programming enables simultaneous\n    execution of many applications and interactive development of applications programs. VAX systems are\n    designed for real-time, timesharing, and batch applications and offer a choice of operating systems, high-level\n    languages, information management software, and programmer productivity tools.\n\n\nPage 6                                                                                     Details of Findings\n\x0c                        assumed that the E3S data had been totally compromised to an\n                        adversary, but concluded that the potential impact of all 32 E3S\n                        memory disk drives being lost was minimal. With respect to the\n                        compromised memory disk drives, the Westinghouse preliminary\n                        inquiry report stated that \xe2\x80\x9cInformation that could be revealed is the\n                        social security numbers of those individuals with access to the E3S\n                        system.\xe2\x80\x9d Further, the report stated that \xe2\x80\x9cThe alarm sectors of the\n                        E3S system detailing what alarms are in a specific monitoring\n                        sector would be revealed\xe2\x80\x9d and \xe2\x80\x9cThe software used to monitor the\n                        E3S system is revealed . . . .\xe2\x80\x9d The report noted that no passwords\n                        were revealed and that the software involved was purchased\n                        commercially. The report stated that no connections existed\n                        between the E3S system and SRS classified computing systems\n                        and concluded that, in the opinion of the writers, an adversary\n                        could not use the information revealed by this compromise to\n                        successfully attack SRS\xe2\x80\x99s security system.\n\n                        We believe that the compromise of the 32 memory disk drives\n                        from the SRS umbrella security system is a significant security and\n                        privacy concern which warrants further review by security officials\n                        with detailed knowledge of physical, personnel, and computer\n                        security safeguards systems. Therefore, we briefed officials from\n                        DOE\xe2\x80\x99s Office of Security and Emergency Operations on this issue\n                        and are recommending they conduct or direct an appropriate\n                        review. Although Westinghouse has taken some action with\n                        respect to the security of the E3S in its current configuration,\n                        additional actions may be necessary, to include, at a minimum,\n                        notifying the personnel involved that their social security numbers\n                        and/or other personal identifying information may have been\n                        compromised so they can take appropriate precautions.\n\nThe SRS VAX systems\nin the photograph are\nsimilar to the system\nsold by Westinghouse.\n\n\n\n\nPage 7                                                                 Details of Findings\n\x0cComputer Equipment                   In addition to the equipment identified by Westinghouse, the\nReturned to                          owner of Allied provided us with a listing of other hard drives,\nWestinghouse                         optical media discs, 6 and diskettes that he had voluntarily returned\n                                     at various times to Westinghouse officials. The list included 47\n                                     hard drives, 63 optical media discs, 16 5\xc2\xbc inch floppy diskettes,\n                                     and 25 3\xc2\xbd inch floppy diskettes. Allied\xe2\x80\x99s owner stated that he had\n                                     returned the listed items to Westinghouse between June and\n                                     October 1999. He stated that he had directed his employees to\n                                     look for and pull hard drives during their walk through the storage\n                                     area because of the concerns raised after locating and returning the\n                                     63 optical media discs. He had read recent newspaper articles of\n                                     instances where security might have been jeopardized because\n                                     government sensitive information had been released to China.\n                                     Allied\xe2\x80\x99s owner told us he returned the diskettes and drives he had\n                                     received from Westinghouse because he was concerned they might\n                                     also contain sensitive information. The OIG was informed by\n                                     Westinghouse officials that Westinghouse had begun developing\n                                     procedures to prevent the release of sensitive computer equipment\n                                     in the future. With respect to the computer equipment returned by\n                                     Allied\xe2\x80\x99s owner, a Westinghouse manager told us that all of these\n                                     hard drives, optical media discs, and floppy diskettes have since\n                                     been destroyed. Consequently, it is impossible to determine if\n                                     sensitive information was contained on the drives/diskettes and the\n                                     optical media discs.\n\nWeaknesses in                        Despite DOE regulations, Westinghouse did not certify that\nSanitizing/Clearing                  computer equipment was properly cleared before being\nComputer Equipment                   excessed, and that diskettes were properly overwritten or\n                                     destroyed. Also, Westinghouse did not ensure all computer\n                                     equipment had a single review by the responsible official, to\n                                     ensure it was cleared before it was sold. Our finding is consistent\n                                     with the Westinghouse security preliminary inquiry report.\n                                     Specifically, the report states:\n\n                                              It is apparent that this responsibility was exercised\n                                              differently by different organizational CSSOs.\n                                              Some would take the initiative to contact Computer\n                                              and Information Security or Digital Controls and\n                                              Services [Systems] (DC&S) for assistance in\n                                              clearing/degaussing the drives and excessing the\n                                              systems; some however, apparently thought that this\n                                              would be done after they placed the equipment in\n                                              Excess.\n\n6\n    Optical media discs \xe2\x80\x93 A storage medium from which data is read and to which it is written by lasers. Optical discs\n    can store much more data (6 billion bytes) than most portable magnetic media, such as floppies.\n\n\n\nPage 8                                                                                      Details of Findings\n\x0c                                     The Manager of Westinghouse\xe2\x80\x99s Digital Controls and Systems\n                                     (DC&S) Department, tasked with providing technical assistance\n                                     and expertise to those who are clearing hard disk drives for non-\n                                     personal computers, 7 stated that users of computer equipment do\n                                     not always request DC&S services to clear hard drives. The\n                                     manager said if users or owners of computer equipment felt that\n                                     they could clean their system then they would not request DC&S\n                                     services for clearing the computer equipment.\n\n                                     We noted that there are approximately 147 classified computer\n                                     systems at SRS. The OIG did not find evidence during this\n                                     inspection that classified information or Restricted Data had been\n                                     inappropriately released. However, this inspection did not\n                                     specifically review the disposition of all classified systems\n                                     surplused/excessed in recent years. The classified computer\n                                     equipment disposal process may have experienced weaknesses\n                                     similar to those in the disposal process for computers used for\n                                     UCNI, as demonstrated by the discovery at Allied of the floppy\n                                     disk labeled \xe2\x80\x9cSecret - Restricted Data.\xe2\x80\x9d Since the computer\n                                     equipment recovered by Westinghouse from Allied was destroyed\n                                     without further examination, no one can be certain what\n                                     information, if any, was on the unexamined equipment when it was\n                                     destroyed. We also do not know what information may have been\n                                     contained in computers disposed of to other private individuals or\n                                     companies, e.g., school donations, auctions, etc.\n\n                                     Westinghouse officials recently awarded a contract to exchange\n                                     Government-owned personal computers (desktops) for leased\n                                     systems. This will involve approximately 12,000 personal\n                                     computers used by Westinghouse personnel. With respect to\n                                     clearing information from leased computer drives, the terms of the\n                                     contract assign the contractor responsibility for clearing personal\n                                     computer hard drives and attaching a label to the system prior to\n                                     transferring the system for final disposal. Personal computers used\n                                     by DOE Federal and contractor personnel, with the exception of\n                                     Westinghouse, will not be included in the leasing program.\n\n\n\n\n7\n    Non-personal computers \xe2\x80\x93 Non-singular user ADP system, generally a larger item consisting of the central\n    processing unit (CPU), expansion cards, etc., that form a composite workstation (i.e., VAX systems, UNIX\n    systems, stations/servers).\n\n\nPage 9                                                                                     Details of Findings\n\x0cShipment of Computer   The floppy disk labeled \xe2\x80\x9cSecret-Restricted Data,\xe2\x80\x9d and other\nEquipment to the       computer equipment found by Westinghouse and later determined\nPeople\xe2\x80\x99s Republic      to contain sensitive unclassified and UCNI information, was\nof China               originally pending shipment to the PRC. Specifically, the owner of\n                       Allied provided us a copy of a shipping notice indicating that two\n                       trailer loads of computer equipment received from SRS were being\n                       processed for shipment to the PRC. The shipping notice showed\n                       that a California company purchased the equipment for delivery to\n                       Nanhal Sanshan Harbor, a region within the PRC. Westinghouse\n                       was unable to provide documentation indicating the planned\n                       shipment had been cleared of sensitive information. The sale of\n                       uncleared computer equipment that contained UCNI information\n                       appears to have violated the Atomic Energy Act of 1954. It also\n                       violated DOE disposal requirements for high risk property.\n                       Further, though this pending shipment to the PRC was stopped,\n                       two trailer loads of previous SRS excessed computer equipment\n                       had been shipped to the PRC around July 1999.\n\nHigh Risk Disposal     Computer equipment used to process UCNI is subject to\nRequirements           Department regulations which govern high risk property disposal.\n                       Property management regulations and DOE policy require\n                       computer equipment used for UCNI to be identified, marked, and\n                       controlled to assure proper treatment at disposal and to prevent\n                       unauthorized disclosure. Westinghouse property management\n                       officials responsible for disposal of the computer equipment had\n                       considered the equipment to be scrap without meeting high risk\n                       property disposal requirements. Specifically, Allied\xe2\x80\x99s owner told\n                       us two containers with former SRS computer equipment he\n                       purchased as scrap, had been shipped to the PRC. The owner\n                       stated that the shipment was \xe2\x80\x9caround July 1999;\xe2\x80\x9d however, he did\n                       not have a copy of the shipping document nor the dollar amount of\n                       the sale. He believed the shipment included monitors, keyboards,\n                       cables, but no hard drives. The owner said that due to press reports\n                       regarding Chinese espionage, he contacted a Westinghouse\n                       procurement official and informed the official that the business had\n                       a shipment bound for China. He reportedly was told that a\n                       Westinghouse procurement official would contact him if there\n                       were any concerns. Allied\xe2\x80\x99s owner also said he waited\n                       approximately two weeks for the official to contact him before he\n                       allowed the computer equipment to be shipped to the PRC.\n\n                       The Westinghouse export control officer told us that she had been\n                       contacted by the Westinghouse procurement official regarding this\n                       pending shipment to the PRC. The export control official stated\n                       that she then contacted the Westinghouse General Counsel\xe2\x80\x99s office\n                       and informed an attorney that she was attempting to locate the\n\n\n\nPage 10                                                               Details of Findings\n\x0c                          broker responsible for arranging a shipment to the PRC.\n                          According to the export control official, the procurement official\n                          later informed her that he had not been given the name of the\n                          broker and the shipment had already taken place. Because the\n                          export control official was never able to identify the broker prior to\n                          shipment, she was unable to determine if the broker was on the\n                          Federal Denied Parties List that identifies individuals and\n                          companies whose export privileges have been denied.\n                          Subsequently, the export control official identified the broker and\n                          confirmed the broker was not on the Federal Denied Parties List.\n\nShredding of Computer Once the sale of computer equipment containing sensitive\nEquipment             unclassified and UCNI information to Allied was discovered,\n                      Westinghouse officials repurchased and destroyed all computer\n                      equipment sold to or located at Allied.\n\n                          We noted that Westinghouse had paid Allied over $59,000 and was\n                          awaiting a decision to make final settlement for the computer\n                          equipment repurchased. Of the over $59,000 paid, over $9,000\n                          was paid for withdrawal of a pending shipment to the PRC and\n                          $50,000 was paid as \xe2\x80\x9cgood faith\xe2\x80\x9d money for retrieving computer\n                          equipment from Allied while awaiting a final repurchase\n                          agreement. According to the sales agreements, Westinghouse\n                          received approximately $41,000 for computer equipment sold to\n                          Allied during execution of the contract. Later, Westinghouse\n                          officials requested permission from SRO to shred all surplus\n                          computer equipment components reasoning that it takes too many\n                          staff-hours to validate which equipment was a security risk.\n\n                          On November 2, 1999, the DOE Organizational Property\n                          Management Officer approved a plan to allow Westinghouse to\n                          shred all components of surplus Government-owned computer\n                          equipment. Upon the Organizational Property Management\n                          Officer\xe2\x80\x99s approval, Westinghouse began the process of shredding\n                          all computer equipment components. Subsequent to the approval\n                          by SRO, Westinghouse began transporting all excess computer\n                          equipment to West Columbia, South Carolina, for destruction in a\n                          large shredder.\n\n\n\n\nPage 11                                                                   Details of Findings\n\x0cAllied\xe2\x80\x99s outside storage area.\nThe computer equipment at\nright was later repurchased\nand shredded by\nWestinghouse.\n\n\n\n\nAllied\xe2\x80\x99s indoor storage\nshowing equipment in good\ncondition that was later\nrepurchased and shredded\nby Westinghouse.\n\n\n\n\nPersonal Property                The blanket destruction of all surplus computer equipment is not\nDisposal                         required by property disposal regulations. As stated earlier, DOE\nConsiderations                   regulations require that high risk personal property, such as\n                                 computer equipment used for UCNI, be identified, marked, and\n                                 controlled to assure proper treatment at disposal. Normally, non-\n                                 sensitive surplus computer equipment is disposed of through sales\n                                 at prices which are fair and reasonable, and not disposed of for less\n                                 than could reasonably be expected to be obtained if the personal\n                                 property was offered for competitive sale.\n\n                                 During our inspection, the computer equipment that had already\n                                 been sent or that was awaiting shipment to the shredder contractor\n                                 included storage arrays, printers, plotters, disk drives, controllers,\n                                 mini-CPUs, tape drives, and video printers. Additionally, we\n                                 observed that a total of over 2,100 PCs including IBM (386 and\n\n\nPage 12                                                                           Details of Findings\n\x0c                  486 processors) and Apple Macintosh II systems had been boxed\n                  and stacked in April and July 1999 and were awaiting shredding.\n                  Although the 2,100 PCs were considered by Westinghouse to be\n                  old technology, we were told that each PC (CPU, monitor,\n                  keyboard, and mouse) had been determined to be operational prior\n                  to boxing.\n\nRecommendations   We recommend that the Director, Office of Procurement and\n                  Assistance Management:\n\n                  1. Require a review of the Department\xe2\x80\x99s Property Management\n                     Systems to ensure disposal of High Risk Personal Property is\n                     processed in accordance with the Department\xe2\x80\x99s Property\n                     Management Regulations.\n\n                  We recommend the Director, Office of Security and Emergency\n                  Operations Office:\n\n                  2. Determine whether there are any possible security\n                     vulnerabilities resulting from the release of UCNI and\n                     security/privacy information.\n\n                  We recommend that the General Counsel:\n\n                  3. Evaluate whether the public release of personal identifying\n                     information (such as badge office data and social security\n                     numbers) by Westinghouse was contrary to the Privacy Act\n                     and take appropriate action regarding the legal implications of\n                     this release.\n\n                  We recommend that the Manager, Savannah River Operations\n                  Office:\n\n                  4. Evaluate Westinghouse\xe2\x80\x99s actions in disposing of\n                     computer equipment, disallow the costs incurred for\n                     any actions not consistent with contract terms, and\n                     consider these actions when determining payments\n                     from the available fee pool.\n\n                  5. Require Westinghouse officials to ensure CSSO\xe2\x80\x99s or\n                     custodians inspect and certify all computer equipment for\n                     proper clearance prior to turning in the equipment for disposal.\n\n                  6. Require Westinghouse officials to ensure all computer\n                     equipment will be checked for certification to confirm that\n\n\n\n\nPage 13                                                        Recommendations\n\x0c                 magnetic media and diskettes are properly cleared before being\n                 declared excess.\n\n             7. Require Westinghouse officials to review contract\n                requirements for selling excess computer equipment to ensure\n                terms and conditions of future sales adhere to Departmental\n                requirements.\n\n             8. Conduct a thorough review of Savannah River\xe2\x80\x99s High Risk\n                Personal Property control process and its excess sales processes\n                as it relates to high risk property.\n\n             9. Require Westinghouse to comply with the Department\xe2\x80\x99s\n                Property Management Regulations regarding disposal of High\n                Risk Personal Property by submitting written procedures for\n                approval by the Contracting Officer.\n\n             10. Determine whether Westinghouse\xe2\x80\x99s policy of shredding all\n                 computer equipment is in the best interest of the Government.\n                 If this policy is not in the best interest of the Government,\n                 direct Westinghouse to cease its current policy.\n\n             11. Require Westinghouse to seek approval of the Contracting\n                 Officer prior to implementing any changes to its property\n                 management policy.\n\n             12. Evaluate the process used by Westinghouse to protect Privacy\n                 Act information which is maintained on behalf of the\n                 Department.\n\nManagement   Departmental management provided responses to the draft report\nComments     and concurred with all the report\xe2\x80\x99s recommendations. Specific\n             responses are outlined below.\n\n             The Director, Office of Procurement and Assistance Management,\n             stated that his office concurred with Recommendation 1. The\n             Director stated his office \xe2\x80\x9cwill require all field sites to review their\n             federal office/contractor\xe2\x80\x99s property management procedures to\n             ensure that High Risk Personal Property is being disposed of in\n             accordance with the Department\xe2\x80\x99s Property Management\n             Regulations (DOE/PMRs).\xe2\x80\x9d The Director also stated the \xe2\x80\x9cfield\n             sites will be required to provide a summary of their findings for\n             each federal office/contractor reviewed. If necessary,\n             Headquarters can then do a random sampling of the federal\n             offices/contractors to ensure the procedures are efficient, cost-\n             effective and in compliance with Regulations.\xe2\x80\x9d\n\n\n\nPage 14                                              Management Comments\n\x0c          The Director, Office of Security and Emergency Operations, stated\n          that his office concurred with Recommendation 2. The Director\n          stated his office is planning to organize, schedule and conduct a\n          joint Office of Safeguards and Security and Environmental\n          Management damage assessment investigation to be completed by\n          June 15, 2000. The investigation will focus on the potential\n          compromise of classified information, UCNI, the SRS automated\n          access control and physical security system, and other possible\n          security vulnerabilities.\n\n          The General Counsel\xe2\x80\x99s Office stated they do not have any\n          comments or objections regarding Recommendation 3.\n\n          Savannah River Operations (SRO) management concurred with\n          Recommendations 4-12, and provided general comments on the\n          contents of the draft report. SRO agreed to determine appropriate\n          action for Recommendation 4 by June 30, 2000. For\n          Recommendations 5-7, 9 and 11, SRO agreed to take appropriate\n          action by May 31, 2000. For Recommendation 8, SRO agreed to\n          conduct a review of the High Risk personal property control\n          process by July 31, 2000.\n\n          For Recommendation 10, SRO agreed and stated that actions to\n          cease the practice of shredding computer equipment had already\n          been taken. The SRO Manager stated:\n\n                 The Report implies that there was no basis for the\n                 destruction of surplus computer equipment on hand,\n                 and that the practice of shredding all surplus\n                 computer scrap is unwarranted. DOE has been\n                 advised by WSRC [Westinghouse] that the initial\n                 decision to destroy all computer equipment has\n                 subsequently been rescinded and currently, no\n                 equipment is being shredded pending a\n                 re-evaluation of the site policy. In all likelihood,\n                 surplus computer equipment such as monitors,\n                 keyboards, cables and printers will be sold in an \xe2\x80\x9cas\n                 is\xe2\x80\x9d condition or as scrap depending on condition.\n                 Central Processing Units (CPU\xe2\x80\x99s) and media will\n                 likely be destroyed. The decision to destroy the\n                 equipment that was recovered from Allied was\n                 based on an economic analysis performed at that\n                 time that supported destruction as the most cost\n                 beneficial disposition. Property Management\n                 procedures related to the disposition of surplus\n\n\n\n\nPage 15                                          Management Comments\n\x0c                   computer equipment are being revised to address\n                   the lesson\xe2\x80\x99s learned from this incident.\n\n            In respect to the shredding of computer equipment, the SRO Chief\n            Financial Officer stated:\n\n                   \xe2\x80\xa6it should be noted that this action is not a\n                   common practice at Savannah River Site and that it\n                   was in fact weighed to be the most feasible and cost\n                   effective means at the time in order to eliminate any\n                   further risk. In the two main shredding incidents, a\n                   High-Risk reevaluation of said commodities would\n                   cause action to have each unit be considered for\n                   review. In addition, component sorting and\n                   reprocessing through the disposal system could\n                   have been very labor intensive. It was concluded\n                   that the cost incurred to provide for the safe\n                   handling and resource needs to perform this\n                   intensive task would not be prudent when\n                   considering the low resale value for non-Y2K\n                   compliance computers and their components.\n\n            SRO also provided general comments on the draft report that\n            conveyed several distinct concerns. SRO requested that our report\n            include a statement that the OIG inspection did not disclose any\n            situation where classified information had been sent off-site or\n            inadvertently transported overseas in the process of computer\n            equipment disposal at SRS.\n\n            SRO also stated that classified information is protected differently\n            than unclassified information reducing the chance of inadvertent\n            disclosure of classified information. SRO requested that the OIG\n            recognize in the report \xe2\x80\x9cdifferences in the levels of controls over\n            classified information from those of unclassified, sensitive\n            information.\xe2\x80\x9d\n\nINSPECTOR   We consider management\xe2\x80\x99s comments to our recommendations\nCOMMENTS    to be responsive. Where appropriate, we have incorporated\n            management\xe2\x80\x99s comments into the final report.\n\n            With respect to SRO\xe2\x80\x99s concerns regarding classified information,\n            the OIG recognizes there are differences in the levels of control\n            over classified information and unclassified sensitive information.\n            However, despite these controls, Westinghouse allowed a floppy\n            disk labeled \xe2\x80\x9cSecret-Restricted Data\xe2\x80\x9d to be sold and transported\n            off-site. At the time the disk was discovered it was included in a\n\n\n\nPage 16                                               Inspector Comments\n\x0c          pending shipment to the PRC. SRS officials later determined this\n          disk did not contain classified information. Nevertheless, this\n          situation raises concerns about the internal controls that were in\n          place for protecting classified information. Additionally, not all of\n          the computer equipment repurchased from Allied was examined\n          before it was destroyed. Further, over 16,000 computers and\n          computer related items were sold publicly by SRS during Fiscal\n          Years 1998 and 1999. Without the examination of all computer\n          related items sold by SRS, both publicly and through contract to\n          Allied, we were unable to conclude whether classified information\n          had been sent off-site or inadvertently transported overseas.\n\n\n\n\nPage 17                                             Inspector Comments\n\x0cAppendix A\nSCOPE AND     The inspection was initiated at the Savannah River Operations\nMETHODOLOGY   Office in Aiken, South Carolina, in November 1999.\n\n              This inspection was conducted in accordance with the \xe2\x80\x9cQuality\n              Standards for Inspections\xe2\x80\x9d issued by the President\xe2\x80\x99s Council on\n              Integrity and Efficiency. As part of our inspection, we interviewed\n              officials at DOE\xe2\x80\x99s Savannah River Operations Office and\n              Westinghouse Savannah River Company. We also reviewed\n              pertinent records and documents pertaining to Westinghouse\xe2\x80\x99s\n              Computer Security, Export Control, and Asset Management\n              Operations.\n\n\n\n\nPage 18                                              Scope and Methodology\n\x0cAppendix B\n                          SUMMARY OF PRELIMINARY INQUIRY REPORT\n                                    REPORT #PL 99-063\n\nOn November 11, 1999, Westinghouse\xe2\x80\x99s Computer and Information Security Section issued a\npreliminary report documenting a security inquiry conducted August through October 1999.\nThis report informed Westinghouse officials that a 5-1/4 inch floppy disk labeled Secret\nRestricted Data was found in a disposed VAX (supermicrosystem manufactured by Digital\nEquipment Corporation) system which had been sold to Allied Fabricators. The VAX was\nformerly used at the Site\xe2\x80\x99s Tritium Facilities to manage the Automated Reservoir Management\nSystem (ARMS) 8 program. Later, Westinghouse officials determined that the disk was used to\nboot up the system from the console. The officials concluded that the disk had remained with the\nsystem for a prolonged period of time and would not have been any use to the system in its\npresent configuration. The disk was labeled \xe2\x80\x9cSecret\xe2\x80\x9d because it was associated with a classified\nsystem and required to have been marked to the highest level available for data the system would\nbe able to process. After further review by Westinghouse\xe2\x80\x99s Computer Security officials, the disk\nwas determined not to contain any classified files because the space on the disk was used for\nunclassified boot-up system information.\n\nAs a result of this incident, a Westinghouse Computer Security official visited Allied to\ndetermine if there was other media that might have been considered as classified or sensitive and\nsold by SRS officials. The official noticed one trailer filled with computer parts, and determined\nthat the trailer was about to be shipped from the location. Also, the official stated that although\nno items were found marked as classified or sensitive, several items were returned to SRS for\ninspection and evaluation, including hard drives and various floppy disks. The inquiry report\nstated that \xe2\x80\x9cWhen the installed drives were found it was not apparent, in most cases, whether or\nnot they had been cleared/degaussed in any way until after the installed drives were returned to\nthe site. Upon further inspection, it was discovered that very few of the drives had been\ncleared.\xe2\x80\x9d\n\nSubsequently, a meeting was held with Westinghouse\xe2\x80\x99s Computer Security, Export Control,\nProperty Management, and Procurement officials. The DOE/SRO\xe2\x80\x99s Computer and Information\nSecurity Official also attended this meeting. Westinghouse\xe2\x80\x99s management personnel decided to\nhalt pending shipments of two trailer loads of computer equipment to the PRC and required\nAllied\xe2\x80\x99s owner to delay any movement until further notice was given by Westinghouse. The\ncomputer equipment loaded on these trailers included monitors, mainframe computers,\nkeyboards, and miscellaneous cards, and cables. Later, an agreement was reached between\nWestinghouse officials and the owner of Allied that allowed Westinghouse to pay the price of\nthe negotiated sale for the two trailer loads of computer equipment.\n\n\n\n\n8\n    Automated Reservoir Management System (ARMS) \xe2\x80\x93 ARMS is an online reservoir production and data archive\n    system that provides real-time reservoir tracking and inventory, process calculations, operator instructions, and\n    data entry screens to capture, store, and manage reservoir-related processing information. ARMS does not\n    provide process control but verifies data and sequence of operation.\n\n\n\nPage 19                                                                   Summary of Preliminary Inquiry\n\x0cWestinghouse officials determined that most drives had not been cleared and many of the floppy\ndisks that had not been damaged due to weathering contained operational files, some of which\nrevealed sensitive personnel information. As noted by Westinghouse\xe2\x80\x99s preliminary inquiry:\n\n       Sensitive unclassified employee personnel information was found in the retrieved\n       media from a desk top personal computer. Two VAX unit memory disks were\n       found which contained sensitive unclassified SRS E3S security system data. The\n       E3S VAX along with 32 memory disks had been excessed and sold to Allied\n       Fabricators in the same time period as the ARMS VAXs. The E3S system is\n       approved for up to Unclassified Controlled Nuclear Information (UCNI).\n\nIn October 1999, as a result of information found on hard drives and floppy disks, Westinghouse\nofficials repurchased all computer equipment sold to or located at Allied Fabricators and\nsubsequently transported the retrieved equipment to West Columbia, South Carolina, for\nshredding. Westinghouse officials said they witnessed the shredding of this computer\nequipment.\n\n\n\n\nPage 20                                                    Summary of Preliminary Inquiry\n\x0cAppendix C\n              SELECTED OIG PERSONAL PROPERTY REPORTS\n\nIG-0455       Inspection Report on \xe2\x80\x9cInspection of the Sale of a Paragon Supercomputer by\n              Sandia National Laboratories,\xe2\x80\x9d December 1999\n\nIG-0385       \xe2\x80\x9cSpecial Audit Report on the Department of Energy\xe2\x80\x99s Arms and\n              Military-Type Equipment,\xe2\x80\x9d February 1996\n\nIG-0344       \xe2\x80\x9cSummary Report on Department of Energy\xe2\x80\x99s Management of Personal\n              Property,\xe2\x80\x9d March 1994\n\nIG-0343       \xe2\x80\x9cInspection of the Management of Excess Personal Property at Sandia\n              National Laboratory, Albuquerque, New Mexico,\xe2\x80\x9d March 1994\n\nIG-0329       \xe2\x80\x9cInspection of Management of Excess Personal Property at Rocky Flats,\xe2\x80\x9d\n              May 1993\n\nER-B-98-07    Audit Report on \xe2\x80\x9cPersonal Property at the Oak Ridge Operations Office and\n              the Office of Scientific and Technical Information,\xe2\x80\x9d April 1998\n\nWR-B-97-07    \xe2\x80\x9cAudit of Desktop Computer Acquisitions at the Idaho National Engineering\n              and Environmental Laboratory,\xe2\x80\x9d August 1997\n\nINS-L-93-01   Inspection Report on \xe2\x80\x9cControls Over Personal Computer Equipment at the\n              Savannah River Site,\xe2\x80\x9d January 1993\n\n\n\n\nPage 21                                                        Selected OIG Reports\n\x0c                                                                    IG Report No. DOE/IG-0472\n\n                           CUSTOMER RESPONSE FORM\n\nThe Office of Inspector General has a continuing interest in improving the usefulness of its\nproducts. We wish to make our reports as responsive as possible to our customers\xe2\x80\x99 requirements,\nand, therefore, ask that you consider sharing your thoughts with us. On the back of this form,\nyou may suggest improvements to enhance the effectiveness of future reports. Please include\nanswers to the following questions if they are applicable to you:\n\n1. What additional background information about the selection, scheduling, scope, or\n   procedures of the inspection would have been helpful to the reader in understanding this\n   report?\n\n2. What additional information related to findings and recommendations could have been\n   included in the report to assist management in implementing corrective actions?\n\n3. What format, stylistic, or organizational changes might have made this report\xe2\x80\x99s overall\n   message more clear to the reader?\n\n4. What additional actions could the Office of Inspector General have taken on the issues\n   discussed in this report which would have been helpful?\n\n5. Please include your name and telephone number so that we may contact you should we nay\n   any questions about your comments.\n\n\nName                                          Date\n\nTelephone                                     Organization\n\n\nWhen you have completed this form, you may telefax it to the Office of Inspector General at\n(202) 586-0948, or you may mail it to:\n\n                               Office of Inspector General (IG-1)\n                                     Department of Energy\n                                    Washington, DC 20585\n\n                                  ATTN: Customer Relations\n\nIf you wish to discuss this report or your comments with a staff member of the Office of\nInspector General, please contact Wilma Slaughter at (202) 586-1924.\n\x0cThis page intentionally left blank.\n\x0cThe Office of Inspector General wants to make the distribution of its reports as customer friendly and cost\n  effective as possible. Therefore, this report will be available electronically through the Internet at the\n                                             following address:\n\n                   U.S. Department of Energy Office of Inspector General Home Page\n                                        http://www.ig.doe.gov\n\n       Your comments would be appreciated and can be provided on the Customer Response Form\n                                      attached to the report.\n\x0c'